An updated version of it Sophos Web Appliance κατάφερε να “ρίξει” χιλιάδες υπολογιστές χρηστών, και να βγάλει offline για δύο μέρες το αυστραλιανό τηλεφωνικό κέντρο μιας παγκόσμιας εταιρείας. Ο λόγος της καταστροφής, ήταν ότι η εταιρεία ασφαλείας έκανε ανάκληση του αλγόριθμου κρυπτογράφησης SSL 3.0 που χρησιμοποιούνταν στο Citrix Receiver.
The British security company with the release of 4.0.2.3 update last week tried to correct four non-critical issues of SSL 3.0.
But this update was the cause of the disaster that followed, as it was incompatible with recent versions of Citrix Receiver. The new Citrix was updated to fend off attacks with POODLE.
The company from Australia as we mentioned went out of business for two days – and continues to present problems with interruptions – since the update prevents operators from accessing a portal required for sending mission-critical entries.
The manager of the Australian company said that Sophos did not warn them about the SSL 3.0 withdrawal and took 24 hours to respond to a e-mail support, according to He Reg.
The Sophos update should normally have been designed and coordinated in advance, according to the manager.